lkft/sashal-linus-next - v6.13-rc7-43476-g00b0249a355d - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper

Date

July 8, 2025, 7:07 p.m.

Environment
qemu-arm64
qemu-x86_64

[   21.438546] ==================================================================
[   21.438611] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   21.439497] Free of addr fff00000c78dc000 by task kunit_try_catch/239
[   21.439631] 
[   21.439678] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.440127] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.440179] Hardware name: linux,dummy-virt (DT)
[   21.440421] Call trace:
[   21.440498]  show_stack+0x20/0x38 (C)
[   21.440671]  dump_stack_lvl+0x8c/0xd0
[   21.441321]  print_report+0x118/0x608
[   21.441579]  kasan_report_invalid_free+0xc0/0xe8
[   21.441765]  __kasan_mempool_poison_pages+0xe0/0xe8
[   21.441890]  mempool_free+0x24c/0x328
[   21.441943]  mempool_double_free_helper+0x150/0x2e8
[   21.442388]  mempool_page_alloc_double_free+0xbc/0x118
[   21.442454]  kunit_try_run_case+0x170/0x3f0
[   21.442669]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.443006]  kthread+0x328/0x630
[   21.443060]  ret_from_fork+0x10/0x20
[   21.443460] 
[   21.443730] The buggy address belongs to the physical page:
[   21.443931] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc
[   21.444191] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.444415] raw: 0bfffe0000000000 0000000000000000 dead000000000122 0000000000000000
[   21.444522] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   21.444784] page dumped because: kasan: bad access detected
[   21.444981] 
[   21.445003] Memory state around the buggy address:
[   21.445084]  fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.445467]  fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.445858] >fff00000c78dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.445929]                    ^
[   21.446081]  fff00000c78dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.446164]  fff00000c78dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.446367] ==================================================================
[   21.404972] ==================================================================
[   21.405034] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   21.405086] Free of addr fff00000c5713600 by task kunit_try_catch/235
[   21.405128] 
[   21.405452] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.406043] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.406323] Hardware name: linux,dummy-virt (DT)
[   21.406421] Call trace:
[   21.406547]  show_stack+0x20/0x38 (C)
[   21.406677]  dump_stack_lvl+0x8c/0xd0
[   21.406914]  print_report+0x118/0x608
[   21.407367]  kasan_report_invalid_free+0xc0/0xe8
[   21.407423]  check_slab_allocation+0xd4/0x108
[   21.407497]  __kasan_mempool_poison_object+0x78/0x150
[   21.407549]  mempool_free+0x28c/0x328
[   21.407603]  mempool_double_free_helper+0x150/0x2e8
[   21.407799]  mempool_kmalloc_double_free+0xc0/0x118
[   21.407872]  kunit_try_run_case+0x170/0x3f0
[   21.407922]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.407976]  kthread+0x328/0x630
[   21.408015]  ret_from_fork+0x10/0x20
[   21.408064] 
[   21.408082] Allocated by task 235:
[   21.408119]  kasan_save_stack+0x3c/0x68
[   21.408172]  kasan_save_track+0x20/0x40
[   21.408210]  kasan_save_alloc_info+0x40/0x58
[   21.408555]  __kasan_mempool_unpoison_object+0x11c/0x180
[   21.408602]  remove_element+0x130/0x1f8
[   21.408638]  mempool_alloc_preallocated+0x58/0xc0
[   21.408674]  mempool_double_free_helper+0x94/0x2e8
[   21.409026]  mempool_kmalloc_double_free+0xc0/0x118
[   21.409134]  kunit_try_run_case+0x170/0x3f0
[   21.409212]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.409303]  kthread+0x328/0x630
[   21.409336]  ret_from_fork+0x10/0x20
[   21.409372] 
[   21.409390] Freed by task 235:
[   21.409462]  kasan_save_stack+0x3c/0x68
[   21.409519]  kasan_save_track+0x20/0x40
[   21.409588]  kasan_save_free_info+0x4c/0x78
[   21.409671]  __kasan_mempool_poison_object+0xc0/0x150
[   21.409731]  mempool_free+0x28c/0x328
[   21.409765]  mempool_double_free_helper+0x100/0x2e8
[   21.409804]  mempool_kmalloc_double_free+0xc0/0x118
[   21.409842]  kunit_try_run_case+0x170/0x3f0
[   21.410088]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.410139]  kthread+0x328/0x630
[   21.410242]  ret_from_fork+0x10/0x20
[   21.410280] 
[   21.410299] The buggy address belongs to the object at fff00000c5713600
[   21.410299]  which belongs to the cache kmalloc-128 of size 128
[   21.410593] The buggy address is located 0 bytes inside of
[   21.410593]  128-byte region [fff00000c5713600, fff00000c5713680)
[   21.410666] 
[   21.410684] The buggy address belongs to the physical page:
[   21.410735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x105713
[   21.410788] flags: 0xbfffe0000000000(node=0|zone=2|lastcpupid=0x1ffff)
[   21.410984] page_type: f5(slab)
[   21.411186] raw: 0bfffe0000000000 fff00000c0001a00 dead000000000122 0000000000000000
[   21.411306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   21.411393] page dumped because: kasan: bad access detected
[   21.411483] 
[   21.411705] Memory state around the buggy address:
[   21.411755]  fff00000c5713500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.411800]  fff00000c5713580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.411844] >fff00000c5713600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   21.412692]                    ^
[   21.413068]  fff00000c5713680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   21.413328]  fff00000c5713700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   21.413448] ==================================================================
[   21.422133] ==================================================================
[   21.422424] BUG: KASAN: double-free in mempool_double_free_helper+0x150/0x2e8
[   21.422524] Free of addr fff00000c78dc000 by task kunit_try_catch/237
[   21.422568] 
[   21.422790] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT 
[   21.423020] Tainted: [B]=BAD_PAGE, [N]=TEST
[   21.423054] Hardware name: linux,dummy-virt (DT)
[   21.423112] Call trace:
[   21.423137]  show_stack+0x20/0x38 (C)
[   21.423188]  dump_stack_lvl+0x8c/0xd0
[   21.423500]  print_report+0x118/0x608
[   21.423578]  kasan_report_invalid_free+0xc0/0xe8
[   21.423627]  __kasan_mempool_poison_object+0x14c/0x150
[   21.423695]  mempool_free+0x28c/0x328
[   21.423979]  mempool_double_free_helper+0x150/0x2e8
[   21.424141]  mempool_kmalloc_large_double_free+0xc0/0x118
[   21.424238]  kunit_try_run_case+0x170/0x3f0
[   21.424472]  kunit_generic_run_threadfn_adapter+0x88/0x100
[   21.424532]  kthread+0x328/0x630
[   21.424572]  ret_from_fork+0x10/0x20
[   21.424772] 
[   21.425014] The buggy address belongs to the physical page:
[   21.425093] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1078dc
[   21.425149] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   21.425196] flags: 0xbfffe0000000040(head|node=0|zone=2|lastcpupid=0x1ffff)
[   21.425250] page_type: f8(unknown)
[   21.425825] raw: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.426076] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.427255] head: 0bfffe0000000040 0000000000000000 dead000000000122 0000000000000000
[   21.427466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   21.427622] head: 0bfffe0000000002 ffffc1ffc31e3701 00000000ffffffff 00000000ffffffff
[   21.427912] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   21.427981] page dumped because: kasan: bad access detected
[   21.428012] 
[   21.428031] Memory state around the buggy address:
[   21.428259]  fff00000c78dbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.428341]  fff00000c78dbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.428662] >fff00000c78dc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.428861]                    ^
[   21.428896]  fff00000c78dc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.429133]  fff00000c78dc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   21.429201] ==================================================================

Metadata Full log Test run details

arch

arm64

host

x86_64

plan

2zbZAsW0CRR2ffMkw5j8F6DHgyw

job_id

TEST:linaro@lkft#2zbZELhCwKziSXCacuqaKlig2QS

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zbZELhCwKziSXCacuqaKlig2QS

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZBqBVTAxuRuCQHYdewgbYp7s/Image.gz
sha256sum	13ed34663cef83d4fb86ede6789c93f31050bb758da77d00bf5796a1642a8000

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/arm64/rootfs.ext4.xz
sha256sum	1eaaae772692e22cefec5345d642e254407cec1431dd51a20007af2a1819b610

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZBqBVTAxuRuCQHYdewgbYp7s/modules.tar.xz
sha256sum	a968762691f131e35c1b902f768cc0424c6e9593e0a95acbdc41831f7268e4b5

durations

tests

boot	0
kunit	166.57

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

[   14.683889] ==================================================================
[   14.684425] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.684701] Free of addr ffff888102b84000 by task kunit_try_catch/256
[   14.684991] 
[   14.685121] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.685167] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.685179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.685201] Call Trace:
[   14.685213]  <TASK>
[   14.685230]  dump_stack_lvl+0x73/0xb0
[   14.685258]  print_report+0xd1/0x650
[   14.685281]  ? __virt_addr_valid+0x1db/0x2d0
[   14.685306]  ? kasan_addr_to_slab+0x11/0xa0
[   14.685325]  ? mempool_double_free_helper+0x184/0x370
[   14.685349]  kasan_report_invalid_free+0x10a/0x130
[   14.685372]  ? mempool_double_free_helper+0x184/0x370
[   14.685398]  ? mempool_double_free_helper+0x184/0x370
[   14.685420]  __kasan_mempool_poison_pages+0x115/0x130
[   14.685444]  mempool_free+0x290/0x380
[   14.685470]  mempool_double_free_helper+0x184/0x370
[   14.685493]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.685517]  ? __kasan_check_write+0x18/0x20
[   14.685536]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.685563]  ? finish_task_switch.isra.0+0x153/0x700
[   14.685589]  mempool_page_alloc_double_free+0xe8/0x140
[   14.685614]  ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[   14.685641]  ? __pfx_mempool_alloc_pages+0x10/0x10
[   14.685663]  ? __pfx_mempool_free_pages+0x10/0x10
[   14.685688]  ? __pfx_read_tsc+0x10/0x10
[   14.685709]  ? ktime_get_ts64+0x86/0x230
[   14.685733]  kunit_try_run_case+0x1a5/0x480
[   14.685757]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.685778]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.685801]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.685824]  ? __kthread_parkme+0x82/0x180
[   14.685844]  ? preempt_count_sub+0x50/0x80
[   14.685867]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.685889]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.685912]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.685935]  kthread+0x337/0x6f0
[   14.685953]  ? trace_preempt_on+0x20/0xc0
[   14.685976]  ? __pfx_kthread+0x10/0x10
[   14.685996]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.686016]  ? calculate_sigpending+0x7b/0xa0
[   14.686078]  ? __pfx_kthread+0x10/0x10
[   14.686100]  ret_from_fork+0x116/0x1d0
[   14.686119]  ? __pfx_kthread+0x10/0x10
[   14.686139]  ret_from_fork_asm+0x1a/0x30
[   14.686171]  </TASK>
[   14.686182] 
[   14.695322] The buggy address belongs to the physical page:
[   14.695522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b84
[   14.695891] flags: 0x200000000000000(node=0|zone=2)
[   14.696221] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[   14.696484] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[   14.696841] page dumped because: kasan: bad access detected
[   14.697163] 
[   14.697262] Memory state around the buggy address:
[   14.697435]  ffff888102b83f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.697773]  ffff888102b83f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.698266] >ffff888102b84000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.698570]                    ^
[   14.698770]  ffff888102b84080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.698994]  ffff888102b84100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.699288] ==================================================================
[   14.662027] ==================================================================
[   14.662766] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.663285] Free of addr ffff888103a50000 by task kunit_try_catch/254
[   14.663620] 
[   14.663726] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.663774] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.663786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.663810] Call Trace:
[   14.663823]  <TASK>
[   14.663842]  dump_stack_lvl+0x73/0xb0
[   14.663874]  print_report+0xd1/0x650
[   14.663897]  ? __virt_addr_valid+0x1db/0x2d0
[   14.663922]  ? kasan_addr_to_slab+0x11/0xa0
[   14.663941]  ? mempool_double_free_helper+0x184/0x370
[   14.663965]  kasan_report_invalid_free+0x10a/0x130
[   14.663989]  ? mempool_double_free_helper+0x184/0x370
[   14.664014]  ? mempool_double_free_helper+0x184/0x370
[   14.664037]  __kasan_mempool_poison_object+0x1b3/0x1d0
[   14.664150]  mempool_free+0x2ec/0x380
[   14.664179]  mempool_double_free_helper+0x184/0x370
[   14.664202]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.664224]  ? update_load_avg+0x1be/0x21b0
[   14.664249]  ? update_load_avg+0x1be/0x21b0
[   14.664269]  ? update_curr+0x80/0x810
[   14.664291]  ? finish_task_switch.isra.0+0x153/0x700
[   14.664317]  mempool_kmalloc_large_double_free+0xed/0x140
[   14.664340]  ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[   14.664367]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.664389]  ? __pfx_mempool_kfree+0x10/0x10
[   14.664413]  ? __pfx_read_tsc+0x10/0x10
[   14.664434]  ? ktime_get_ts64+0x86/0x230
[   14.664459]  kunit_try_run_case+0x1a5/0x480
[   14.664484]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.664505]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.664530]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.664572]  ? __kthread_parkme+0x82/0x180
[   14.664595]  ? preempt_count_sub+0x50/0x80
[   14.664619]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.664644]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.664666]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.664689]  kthread+0x337/0x6f0
[   14.664708]  ? trace_preempt_on+0x20/0xc0
[   14.664732]  ? __pfx_kthread+0x10/0x10
[   14.664752]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.664773]  ? calculate_sigpending+0x7b/0xa0
[   14.664797]  ? __pfx_kthread+0x10/0x10
[   14.664818]  ret_from_fork+0x116/0x1d0
[   14.664835]  ? __pfx_kthread+0x10/0x10
[   14.664856]  ret_from_fork_asm+0x1a/0x30
[   14.664887]  </TASK>
[   14.664899] 
[   14.674155] The buggy address belongs to the physical page:
[   14.674399] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50
[   14.674678] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[   14.674990] flags: 0x200000000000040(head|node=0|zone=2)
[   14.675442] page_type: f8(unknown)
[   14.675659] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.676007] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.676432] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[   14.676694] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[   14.676965] head: 0200000000000002 ffffea00040e9401 00000000ffffffff 00000000ffffffff
[   14.677329] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[   14.677674] page dumped because: kasan: bad access detected
[   14.677940] 
[   14.678030] Memory state around the buggy address:
[   14.678325]  ffff888103a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.678666]  ffff888103a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.678942] >ffff888103a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.679418]                    ^
[   14.679598]  ffff888103a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.679820]  ffff888103a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[   14.680162] ==================================================================
[   14.633588] ==================================================================
[   14.634108] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[   14.634425] Free of addr ffff888102af6e00 by task kunit_try_catch/252
[   14.634709] 
[   14.634824] CPU: 0 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G    B            N  6.16.0-rc5 #1 PREEMPT(voluntary) 
[   14.634873] Tainted: [B]=BAD_PAGE, [N]=TEST
[   14.634888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[   14.634915] Call Trace:
[   14.634928]  <TASK>
[   14.634946]  dump_stack_lvl+0x73/0xb0
[   14.634977]  print_report+0xd1/0x650
[   14.635001]  ? __virt_addr_valid+0x1db/0x2d0
[   14.635028]  ? kasan_complete_mode_report_info+0x64/0x200
[   14.635068]  ? mempool_double_free_helper+0x184/0x370
[   14.635094]  kasan_report_invalid_free+0x10a/0x130
[   14.635119]  ? mempool_double_free_helper+0x184/0x370
[   14.635146]  ? mempool_double_free_helper+0x184/0x370
[   14.635170]  ? mempool_double_free_helper+0x184/0x370
[   14.635193]  check_slab_allocation+0x101/0x130
[   14.635215]  __kasan_mempool_poison_object+0x91/0x1d0
[   14.635240]  mempool_free+0x2ec/0x380
[   14.635269]  mempool_double_free_helper+0x184/0x370
[   14.635293]  ? __pfx_mempool_double_free_helper+0x10/0x10
[   14.635320]  ? __kasan_check_write+0x18/0x20
[   14.635340]  ? __pfx_sched_clock_cpu+0x10/0x10
[   14.635363]  ? finish_task_switch.isra.0+0x153/0x700
[   14.635391]  mempool_kmalloc_double_free+0xed/0x140
[   14.635415]  ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[   14.635443]  ? __pfx_mempool_kmalloc+0x10/0x10
[   14.635466]  ? __pfx_mempool_kfree+0x10/0x10
[   14.635492]  ? __pfx_read_tsc+0x10/0x10
[   14.635514]  ? ktime_get_ts64+0x86/0x230
[   14.635539]  kunit_try_run_case+0x1a5/0x480
[   14.635565]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.635588]  ? _raw_spin_lock_irqsave+0xa1/0x100
[   14.635613]  ? _raw_spin_unlock_irqrestore+0x5f/0x90
[   14.635637]  ? __kthread_parkme+0x82/0x180
[   14.635659]  ? preempt_count_sub+0x50/0x80
[   14.635682]  ? __pfx_kunit_try_run_case+0x10/0x10
[   14.635706]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.635730]  ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[   14.635755]  kthread+0x337/0x6f0
[   14.635773]  ? trace_preempt_on+0x20/0xc0
[   14.635797]  ? __pfx_kthread+0x10/0x10
[   14.635818]  ? _raw_spin_unlock_irq+0x47/0x80
[   14.635839]  ? calculate_sigpending+0x7b/0xa0
[   14.635865]  ? __pfx_kthread+0x10/0x10
[   14.635886]  ret_from_fork+0x116/0x1d0
[   14.635906]  ? __pfx_kthread+0x10/0x10
[   14.635926]  ret_from_fork_asm+0x1a/0x30
[   14.635959]  </TASK>
[   14.635970] 
[   14.644957] Allocated by task 252:
[   14.645236]  kasan_save_stack+0x45/0x70
[   14.645393]  kasan_save_track+0x18/0x40
[   14.645602]  kasan_save_alloc_info+0x3b/0x50
[   14.645819]  __kasan_mempool_unpoison_object+0x1a9/0x200
[   14.646156]  remove_element+0x11e/0x190
[   14.646334]  mempool_alloc_preallocated+0x4d/0x90
[   14.646518]  mempool_double_free_helper+0x8a/0x370
[   14.646733]  mempool_kmalloc_double_free+0xed/0x140
[   14.646971]  kunit_try_run_case+0x1a5/0x480
[   14.647251]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.647471]  kthread+0x337/0x6f0
[   14.647656]  ret_from_fork+0x116/0x1d0
[   14.647852]  ret_from_fork_asm+0x1a/0x30
[   14.648109] 
[   14.648207] Freed by task 252:
[   14.648340]  kasan_save_stack+0x45/0x70
[   14.648493]  kasan_save_track+0x18/0x40
[   14.648707]  kasan_save_free_info+0x3f/0x60
[   14.648913]  __kasan_mempool_poison_object+0x131/0x1d0
[   14.649211]  mempool_free+0x2ec/0x380
[   14.649391]  mempool_double_free_helper+0x109/0x370
[   14.649631]  mempool_kmalloc_double_free+0xed/0x140
[   14.649798]  kunit_try_run_case+0x1a5/0x480
[   14.649942]  kunit_generic_run_threadfn_adapter+0x85/0xf0
[   14.650266]  kthread+0x337/0x6f0
[   14.650440]  ret_from_fork+0x116/0x1d0
[   14.650643]  ret_from_fork_asm+0x1a/0x30
[   14.650837] 
[   14.650932] The buggy address belongs to the object at ffff888102af6e00
[   14.650932]  which belongs to the cache kmalloc-128 of size 128
[   14.651487] The buggy address is located 0 bytes inside of
[   14.651487]  128-byte region [ffff888102af6e00, ffff888102af6e80)
[   14.651964] 
[   14.652135] The buggy address belongs to the physical page:
[   14.652343] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af6
[   14.652685] flags: 0x200000000000000(node=0|zone=2)
[   14.652931] page_type: f5(slab)
[   14.653178] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[   14.653501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[   14.653830] page dumped because: kasan: bad access detected
[   14.654112] 
[   14.654214] Memory state around the buggy address:
[   14.654425]  ffff888102af6d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.654736]  ffff888102af6d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.655018] >ffff888102af6e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[   14.655434]                    ^
[   14.655611]  ffff888102af6e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[   14.655886]  ffff888102af6f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   14.656275] ==================================================================

Metadata Full log Test run details

arch

x86_64

host

x86_64

plan

2zbZAsW0CRR2ffMkw5j8F6DHgyw

job_id

TEST:linaro@lkft#2zbZFHK4Sw86b4pmV5PXfz8prpJ

job_url

https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/lkft/tests/2zbZFHK4Sw86b4pmV5PXfz8prpJ

artefacts

kernel

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZCcAU3GCfH6PwaRBQnAehPTl/bzImage
sha256sum	0bf0ad7ccf29b0f731e894460d46dafee55e63e8cafe197024b102058e3d162c

rootfs

url	https://storage.tuxboot.com/debian/20250617/trixie/amd64/rootfs.ext4.xz
sha256sum	a7dcdb286e1265c85a4d6cd5429adc51604a3ebde1d9a3c934aef78862d5fee4

modules

url	https://storage.tuxsuite.com/public/linaro/lkft/builds/2zbZCcAU3GCfH6PwaRBQnAehPTl/modules.tar.xz
sha256sum	0dc6a04d7bca38bbdcbb0c995f09194f0b64c8de10ad0918054455d46bad2376

durations

tests

boot	0
kunit	214.08

host_arch

amd64

build_name

gcc-13-lkftconfig-kunit

job_status

Complete

qemu_version

1:10.0.0+ds-1

Metadata

Failure - qemu-arm64 - gcc-13-lkftconfig-kunit

Failure - qemu-x86_64 - gcc-13-lkftconfig-kunit